4756b0df0279c72945b8458636ef48a10a120ca0c5aa888acf380bf5df5a3f13

Resubmissions

07/05/2024, 12:58

240507-p7s6zsbc57 3

30/04/2024, 13:18

30/04/2024, 12:58

30/04/2024, 12:55

29/04/2024, 12:08

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
07/05/2024, 12:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Screenshot 2024-04-29 14.08.01.png
Size

193KB
MD5

c878a00682bede49df94e06e07db447f
SHA1

3d2c0e0abdd723598b036abf7b884a2e5f643b56
SHA256

4756b0df0279c72945b8458636ef48a10a120ca0c5aa888acf380bf5df5a3f13
SHA512

b04a31e781e8e50332f01c9f648ecd3e5448488a37dfc51a69c6c34f970d00cae375bb0217cca3d0d356dcece0c84c909680275ee3cdcb7880e5d0da3cfab196
SSDEEP

6144:2fn+ThcZbvN2X0M/nbj2lEL2ZSzCwjGUZ0/l8:2P+GZjMzbj2G3eLXG

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133595603810496066"	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2928	chrome.exe
2928	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe
Token: SeShutdownPrivilege	2928	chrome.exe
Token: SeCreatePagefilePrivilege	2928	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe
2928	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2928 wrote to memory of 3272	2928	chrome.exe	106
PID 2928 wrote to memory of 3272	2928	chrome.exe	106
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 5072	2928	chrome.exe	107
PID 2928 wrote to memory of 2444	2928	chrome.exe	108
PID 2928 wrote to memory of 2444	2928	chrome.exe	108
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109
PID 2928 wrote to memory of 3944	2928	chrome.exe	109

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-04-29 14.08.01.png"
1⤵
PID:4524

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffecef2cc40,0x7ffecef2cc4c,0x7ffecef2cc58
  2⤵
  PID:3272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1964,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1960 /prefetch:2
  2⤵
  PID:5072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2060,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2204 /prefetch:3
  2⤵
  PID:2444
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2304,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2516 /prefetch:8
  2⤵
  PID:3944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3180,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:4080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3360,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:2104
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4624,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4592 /prefetch:1
  2⤵
  PID:4880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4740,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4748 /prefetch:8
  2⤵
  PID:1404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4884,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4608 /prefetch:8
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4872,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5032 /prefetch:8
  2⤵
  PID:936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4756,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5036 /prefetch:8
  2⤵
  PID:2372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4064,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4888 /prefetch:1
  2⤵
  PID:3820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4412,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5228 /prefetch:1
  2⤵
  PID:2548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3424,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3524 /prefetch:1
  2⤵
  PID:2544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4940,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5292 /prefetch:1
  2⤵
  PID:216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4708,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5276 /prefetch:8
  2⤵
  PID:2816
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5612,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5640 /prefetch:1
  2⤵
  PID:400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5876,i,11990276514734525393,2147558454283072765,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5860 /prefetch:1
  2⤵
  PID:2540

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:728

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3784

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x338 0x33c
1⤵
PID:2136

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
0b0a96934a44e7fde3da66a036b1740c

SHA1
7958097ee334d1510ca1f7246904ee00b0120277

SHA256
4ebdb161d75e6044c37c348cb0461e5bf0a29522611dc35f6692f4e013dbfa92

SHA512
40e2287f2dcf4c6e98837b5075ff39386b2da99c4698186f3423c1110dec746abbdd0b65546f9545593cf754c56e8c6fda2623c6e22bb4c7d62e1c1ce29cde6b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
69KB

MD5
1aca9c8ab59e04077226bd0725f3fcaf

SHA1
64797498f2ec2270a489aff3ea9de0f461640aa0

SHA256
d79727a3a88e8ec88df6c42d9bb621a9c3780639c71b28297957ada492949971

SHA512
d63ebb8d19e6cbe9714603688bc29eda4e347e1bf0bb9b0b7816225220263781b84966413a946feb4ae27750371de01e03092dacc4051116073c518d6217fe65

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
324KB

MD5
5c82fbd0b1cd270f7c65303b3c8fb9e5

SHA1
ffb59631c979ee114cba5484be51694d6f309470

SHA256
01229aeb587d354e5f41305660f5cc35d0077d40c5f26b6199eb39a0851c0ea3

SHA512
754cf0ec3d3f950662bd5d3da1da4ffa61cd910bc8ed7ffb9f2a5e9d8bf757e6490f5803cdd5e9f3dc0b81f5c9a989b8765743ec2f5a34e61a310f49b8f18a17

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
140KB

MD5
dc361bd84ba97a8d56b670a8a322b230

SHA1
720f99b29994c857d5c90ad2eae3bba84ddd1a96

SHA256
9cc3a0db61559bed22861618308750cacaa492e3feec503fb62618b4b9b6858c

SHA512
2ed12e28c90a422b3c9f6d03528acacb48776a387ab5e7e8476b7f85acdfe9e42ffcb3fdb9d0dcf3c5064b2366d7ece055664e9f31a534e67dd74f4178d2d4bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000043

Filesize
44KB

MD5
88477d32f888c2b8a3f3d98deb460b3d

SHA1
1fae9ac6c1082fc0426aebe4e683eea9b4ba898c

SHA256
1b1f0b5ef5f21d5742d84f331def7116323365c3dd4aec096a55763e310879d8

SHA512
e0c0588ff27a989cac47797e5a8044983d0b3c75c44416c5f977e0e93e9d3a9321b9283ea077e6dcad0619ac960ee45fe8570f1d5cc7d5d4117fee4f2f0c96b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
7c11dde16aba8edff332f7ad0ffb898f

SHA1
4f08b4e9e3837e9ebfb5d092a0e16866be83713a

SHA256
45fbac18e8a1209567ac8d82b54661d614289eca1dfccdf8ca9632cac011fe54

SHA512
c11c979249e41d27ca02cb4f98fad1c3c2963d1c8cfdecd3c6e1bab49b55eee35bc2ff753268ca749676476db15fa29426e0b47867560a3e63cfa51fb571ab26

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
ba06c4e8976a4af909992b10acafdb51

SHA1
d08962aaef344316d70fe8798b935c230cde52e6

SHA256
0bb8eeb04e4e6179a7a9f83073a7f6f24e140a7e8eb0e1f471f2f9c5c07a33c9

SHA512
ddafc1b24c6161aea84b983b4f4526d902454b09fe9af7461dd8c859c0025a7a2edf1d35cf0f7153038623f01c6d0367a5cb5e4de49fd22565698704aca75825

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e782b292e0a9b70fc100b747c0b6a8d6

SHA1
ec7971b4d6078798092d6cf4462feccbd1909310

SHA256
5e82a3cdac850964d2c554bffc4cfa729455964f89592495f89416a063fc356b

SHA512
4b454f378c0fd0754fc7f16fda65c1e6ba5b98ece417af038a20ef80de490cc53f89d9afd778800772012b2f55071adc363d95fb354e5209b9a2894d35d3f0fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
c98e8399acc1b57599e1ab9929a763b3

SHA1
b0fb30c63d9503d70612e925d123a994df4ec13f

SHA256
66548bd8e9100b268530e5f951a970bda226837e9553205095271a4cac465129

SHA512
5b457d12ddf8cf5cacda8a69839c70ba8055c44797587536f8f28c95ef3ea6c4be21ec01a897cc270481c71b146c4b3c54bf3d7498ec9f79a74863c698e456a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
0b792b7cdaa407a5e994ebcfae35ce61

SHA1
1e81cac05bc4c9d62ac226741367ff423c48277d

SHA256
7bc7b3c3a8d52a87a15ebefaa0a8b63f48fa6bb67dd47ddf16b1f2614980302f

SHA512
4d2769f36b64bf6fa0a5267a567a0c14c711557045953a5f343f2c34f9547c31aaf4ffefd01142956677238d980f2280b37fefea6481e3d1ee168acec74f35ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
40b6592768118e1f89baf8235974789b

SHA1
6bf610e20c037197a678deecc8fd510ee4b55b7f

SHA256
685a6c8f71d010bddf06904e7c4d0050f84c599b091dd8c9bfcfc8670772ca42

SHA512
5995366cc6457a908ecc4aa1bf0520e518aa5cfba4c27a928cb4fe873387fd455472dfa1531bba0d76a8f98157f324c9bc00955afe59dbce35ab0392306b9427

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e7e5b8e8b7e3a1af1bb3de2a5256c90e

SHA1
cfc992244cdde275f4a3de005b96b7ac9a798344

SHA256
107e6e2578e34dfe46247d11413ebda5d347f34f860bee2536daefa30da3aadc

SHA512
e62be0bbe19a98f50d285329ae19c5dc9b7f8aa3d879afed99d3c72a6e137dbcd238571da25331f0eba239cc88c4f4859d405055004d5d49a83f9e41d696476f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
79330629f0348aca347d706e6a68bc40

SHA1
6c7ed009b9427e98f56f917d2bba04effd644631

SHA256
469bb237f030640685ec6ce96e01a28c27db373ce17ad394e9bfc869ea5d1858

SHA512
2ac77e1bc9e813c6096fd8c219d4396c823968e65fd72af778bbefbf291f1a36e2a4b613ad178c605dc87075bd878829786d412690bea37e6a16c2c904184fef

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f56891acb25e2cd4ada0607c107f6e03

SHA1
27999147b1ae6a28d0685cc88dfc1686480c546f

SHA256
04ba2d40cff5c7a190468a60c30802cb7c3c7e0ae74de1099e3ab22f14a4e65b

SHA512
89ac1120a079c1d17a558dc4df4852f404525cc1c447cbf919a7c8ad60db7a1d50796300d671e8ed20a4c8eaa57690eb735474ec6a1945731f99ec0489609bcd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
a931733ad2241e822ed17fda444f3d4e

SHA1
626acd255087910fe045071a2d2ee91eb16abb14

SHA256
0fa58f692fb38ddc61d8d3fbff5ef852a8394ac16937717552622245ca09256d

SHA512
194b3b30cd0ff973d12d2efb2fcdbdf1afc0a962857389a1355d4a70aec7b8fee64e820d24bffdd088ad5b182b5cb8952f63fdf9ec9015ea973d9eae67af359e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
7070b62fece15253e92e4ee44318e7b5

SHA1
d8a1a1cc96f5d69461ba23f00bd4c8accd09517c

SHA256
0f2a0ce8bf985278c436fdb27b33717b163027441529621485bfd0df5d548c48

SHA512
f946cb4f1e30d8d82d158d4ede7da1afac20e4b116ebd887b70bfb07eddc318312a5ec0380bb47e050d626d849a9042508ffcfd351a7807e8f9635295f2f78dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5d500a2d64a44421a2b53d60bc8eba41

SHA1
0249b778e8f2c0f034a551562b3e9b73070250a3

SHA256
48486ac350efa82f943748879f920de14a4640e50299efad4257a68ad0c2ebdc

SHA512
d92593aee08657684d0656d6272f4676040fec67705ffed386b6f1d7e7c50666c76cd8254d0adb36589bddc1a1a684bdf6a1b10f085152891668bab5d5c390f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9a45e194ee51f1ba4a56e991ded9af5f

SHA1
3b8b6742a0a247985bd31d0e793f2bb042923041

SHA256
d57a0bf25a27e5e84948a6f350431dc2bd7d908c9492d8a42e6a626afbd0041b

SHA512
7ca5bc9030b8240df983e2425bed350dc55176cd60e0b17a2323ac36910033f3e72999caa517241e720202e9f1f2bb1b4a74c9897e24bdcf5e91920133032556

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
ebca80c6aca658211b9a9afee088d4de

SHA1
b5f870f6ac8738197d6db56398ef1bd1017f9738

SHA256
145c941126b78944af7a1fa0f2d5a21bf01e250e6c1a711e2a89b07b9674c2f1

SHA512
16e10d8f7002040205c4fe212ed742d885fbf8412b4a9eace696c7f7cfff9393bb3fc6ab2ac995e580ea7fcc8b6bb13691a893c01f583913e5ac9d670646a15b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
3949f162370abea8eb3cea314c9e3682

SHA1
14b1c3505523bcb8f02d4c8352d942ef5071df24

SHA256
992818eeae6ff2414332bf7fcd5f107ed0e7f74209b7156abaefe3792603b108

SHA512
46d764d3ac4c7a8779445822c2ad435cb79b901f29f573e3addeee74ca4d169b94afa09988e7d9aebb0bf4892a3932b71e8ebc872e37ca8fc30c3448ceb59703

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

Filesize
76B

MD5
a7a2f6dbe4e14a9267f786d0d5e06097

SHA1
5513aebb0bda58551acacbfc338d903316851a7b

SHA256
dd9045ea2f3beaf0282320db70fdf395854071bf212ad747e8765837ec390cbc

SHA512
aa5d81e7ee3a646afec55aee5435dc84fe06d84d3e7e1c45c934f258292c0c4dc2f2853a13d2f2b37a98fe2f1dcc7639eacf51b09e7dcccb2e29c2cbd3ba1835

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt

Filesize
140B

MD5
420b601f8ab90f8429151aac34475287

SHA1
1218716431df1be379810ff6a9f6b518001da53e

SHA256
d1bcdb4110f5156508e1b3b9b4c1fff5bb2d68b20a7ee8ff250fa70d4cf0bcdf

SHA512
c70081b993314526ae16d337d59eaa0734236b1a37bfc5f54e7f3b5d48354e7dd5689630917a280cca9d45c063902071b8395bcdab5c530b220cdcd39d636068

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\2\CacheStorage\index.txt~RFe58cec5.TMP

Filesize
140B

MD5
eae1f27e031f385fe7eadc2f5cd6fddd

SHA1
80bdc39c3eda9d221b94d8d88dc65647cec31158

SHA256
b9800cf70f6a6026cb435fe6932f6b86c506ad70e846e1446f9a75b37fb4a956

SHA512
8bb955a56ddde0943828cded0cde6e7856c855ff01410d4ea5d7cf97c9aade22e526d0d37ca3d51769356774cb5c07d83d77d9eb5756ffacaf25c9ddd0da96a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
64986bb8a33c99c84635e88a55a203c9

SHA1
20339d76fa8fc1d5b55cd23190083dcb7f4c6264

SHA256
2e8eaa0ec6a6e1e8debcd83c8edf6e027d0274fab138476c28c9b5b10fec15ae

SHA512
80158352ef8f5391cb5039745fa02bef54b4c8b1bfd798f59feb9f1870681273c8a272806acf021bb4b20a574ca94b8829a2c043e34c33fa96afaca3e47b3875

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
4cf68be5b9cae5e450bd102ae7697280

SHA1
8c5d5184b30ea64735fc6439e5b5f576dee43ffb

SHA256
ecf389b0835bb8ce575f7d5ca19c41a3f1c72137cf174180e9987667e95fe456

SHA512
bffa1b84d45e116b48a6da08c6b5d62b460abc1877064602a15b0e848caa64020c28505c85b3140c82a5147338afb83c59b9db102c12363d4746eace70a78347

Download Submit